Electronic Funds Transaction Point of Sale (EFTPOS) terminals and systems have operated for many years. Most current EFTPOS terminals function in the same manner in that account data are input to the terminal, usually via a magnetic stripe reading device. A display and keypad are usually integrated with the EFTPOS terminal. The consumer is prompted to enter a personal identification number (PIN) associated with a debit card before the account data are sent to a bank or financial institution for payment authorization. Once authorization is received the transaction continues until completion, for example, by receipt of article purchased and receiving the receipt.
EFTPOS systems are highly secure systems that are designed to run a limited number of applications using a dial out modem. The modem is linked to servers that are controlled by financial institutions. Only authorized bank personnel are authorized to install or upgrade software applications residing in the EFTPOS terminals. PIN numbers are not stored in the terminals, and tampering with any EFTPOS terminal is automatically detected and payment transactions through the tampered line are immediately suspended.
EFTPOS terminals are usually located adjacent the cash register in merchant locations for conveniently processing payments. Once the data are input to the terminal, the data are sent via a transaction-switching network to the customer-bank's host computer to obtain bank authorization. The merchant's bank coordinates the settlement of funds from the customer's bank to the merchant's bank.
In an effort to compete more effectively with on-line vendors, brick-and-mortar merchants have started to offer the convenience of Internet shopping sites and of product exchanges/returns at their physical store locations of on-line purchases. This strategy may work to maintain the current customer base, nevertheless, merchants need in-store customer traffic to grow in order to compensate for increasing operating costs of maintaining the physical store locations.
Consumers that shop frequently on-line or pay their bills on-line try to balance convenience with risk since these transactions have relatively poor security safeguards. Despite the efforts of on-line vendors to improve the security of purchase transactions, the fact that the transactions are being conducted over a public network, such as the Internet, makes it extremely difficult to prevent others from capturing sensitive information as it is being transmitted over the public network. EFTPOS systems, on the other hand, provide a high level of security in processing payments due to controlled communications lines and complex protocols required by financial institutions. However, these transactions are limited to authorization of payments and electronic funds transfers that are not conducted over the Internet or any other public network. Any attempts to make EFTPOS systems more flexible have been deterred due to the number of different protocols that exist (since each financial institution has its own protocol and guidelines) and the requirement of controlling communications to maintain high levels of security. Personal computers do offer the convenience of entering your credit card number for on-line purchases. However, payment security is compromised as a consequence of such convenience.
A method and a system that address the aforementioned problems, as well as other related problems, are therefore desirable.